erichard / cloudfront-proxies-bundle
Trusts the AWS Cloudfront proxies IP in your Symfony projects
Installs: 9 070
Dependents: 0
Suggesters: 0
Security: 0
Stars: 1
Watchers: 4
Forks: 2
Open Issues: 0
Type:symfony-bundle
Requires
- symfony/framework-bundle: ^4.4.0 || ^5.0
- symfony/http-client: ^4.4.0 || ^5.0
Requires (Dev)
- phpspec/prophecy-phpunit: ^2.0
This package is auto-updated.
Last update: 2024-04-16 19:34:35 UTC
README
The bundle automatically register all Cloudfront IP range to the list of the trusted proxies.
The IP range is downloaded from AWS : https://ip-ranges.amazonaws.com/ip-ranges.json
These IPs are cached for one hour by default.
Configuration
Check the default configuration below.
# config/packages/erichard_cloudfront_proxies.yaml erichard_cloudfront_proxies: expire: 3600 cache: cache.app ip_range_url: https://ip-ranges.amazonaws.com/ip-ranges.json
Note
The IP list is only downloaded when the request contains a Cloudfront-Forwarded-Proto header. According to the AWS documentation this header is not sent by default so you need to configure your Cloudfront distribution properly.
The bundle also take care of setting back the X-Forwarded-Proto header based on Cloudfront-Forwarded-Proto.